Cyber Security Engineer

Job Title: Cyber Security Engineer – SOAR & Python\nLocation: [Location / Remote]\nExperience: 3–5+ Years\nJob Summary\nWe are seeking a highly motivated and skilled Cyber Security Engineer with strong expertise in Security Orchestration, Automation, and Response (SOAR) platforms and Python scripting. The ideal candidate will be responsible for designing and implementing security automation solutions, streamlining incident response processes, and integrating security tools to enhance the organization's overall cybersecurity posture.\nKey Responsibilities\nDesign, develop, and maintain automated security workflows and playbooks using SOAR platforms such as Splunk Phantom, Cortex XSOAR, IBM Resilient, or similar solutions.\nDevelop and customize integrations between security tools, applications, and SOAR platforms using Python, APIs, and web services.\nAutomate incident response and remediation processes to improve operational efficiency and reduce manual effort.\nCollaborate with SOC analysts, threat intelligence teams, and security engineers to identify opportunities for automation and process optimization.\nMonitor, investigate, and analyze security incidents, perform root cause analysis, and implement automated mitigation strategies.\nSupport the integration and management of security technologies, including SIEM, EDR, firewalls, and threat intelligence platforms.\nDevelop reusable scripts, tools, and modules to support security operations and automation initiatives.\nEnsure adherence to security policies, standards, and compliance requirements.\nCreate and maintain technical documentation, playbooks, runbooks, and standard operating procedures.\nStay current with emerging cybersecurity threats, technologies, and industry best practices.\nRequired Skills & Qualifications\nStrong hands-on experience with SOAR platforms such as Splunk Phantom, Cortex XSOAR, IBM Resilient, or equivalent solutions.\nProficiency in Python scripting for automation, API integrations, data processing, and orchestration tasks.\nExperience working with security technologies such as SIEM (Splunk, QRadar), EDR solutions, firewalls, and threat intelligence platforms.\nGood understanding of cybersecurity principles, incident response methodologies, and security frameworks.\nHands-on experience with REST APIs, JSON, XML, and web service integrations.\nAbility to write efficient, modular, scalable, and maintainable code.\nExperience in developing, testing, and managing automated playbooks and workflows.\nStrong troubleshooting, debugging, analytical, and problem-solving skills.\nExcellent communication and collaboration skills.\nPreferred Qualifications\nExperience with cloud security platforms such as AWS, Azure, or GCP.\nCertifications such as CISSP, CEH, GIAC, Splunk SOAR Administrator, or equivalent security certifications.\nKnowledge of containerization technologies such as Docker and Kubernetes.\nFamiliarity with CI/CD pipelines and DevSecOps practices.\nExposure to additional scripting languages such as Bash, PowerShell, or Go.